Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/D952BACB6D27E48267036F7CBD6CC4ADEE60BA1D1CFF5EF59481A90BA2071DD7/0/3230302e32392e33352e302f32342d3234203d3e2037343138.roa
File:                     3230302e32392e33352e302f32342d3234203d3e2037343138.roa (raw, json)
Hash identifier:          AFWXo/uScIOpuC//8oNGH7ngFPvp6zs6fpg0Z7kRuWA=
Subject key identifier:   71:95:56:72:0F:D7:49:E9:1F:1B:2F:81:81:5F:62:1C:AF:8F:6E:BB
Certificate issuer:       /CN=25CD6A4FBC8BEE34A2DC371793A09E274E0E3661
Certificate serial:       0F81C51E34A322E0F5B4EC9300097C6CC616A3CF
Authority key identifier: 25:CD:6A:4F:BC:8B:EE:34:A2:DC:37:17:93:A0:9E:27:4E:0E:36:61
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/25CD6A4FBC8BEE34A2DC371793A09E274E0E3661.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/D952BACB6D27E48267036F7CBD6CC4ADEE60BA1D1CFF5EF59481A90BA2071DD7/0/3230302e32392e33352e302f32342d3234203d3e2037343138.roa
Signing time:             Tue 05 Mar 2024 17:52:07 +0000
ROA not before:           Tue 05 Mar 2024 17:47:07 +0000
ROA not after:            Tue 04 Mar 2025 17:52:07 +0000
asID:                     7418
IP address blocks:        200.29.35.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/D952BACB6D27E48267036F7CBD6CC4ADEE60BA1D1CFF5EF59481A90BA2071DD7/0/25CD6A4FBC8BEE34A2DC371793A09E274E0E3661.crl
                          rsync://repository.lacnic.net/rpki/lacnic/D952BACB6D27E48267036F7CBD6CC4ADEE60BA1D1CFF5EF59481A90BA2071DD7/0/25CD6A4FBC8BEE34A2DC371793A09E274E0E3661.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/25CD6A4FBC8BEE34A2DC371793A09E274E0E3661.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sun 24 Nov 2024 23:17:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            0f:81:c5:1e:34:a3:22:e0:f5:b4:ec:93:00:09:7c:6c:c6:16:a3:cf
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=25CD6A4FBC8BEE34A2DC371793A09E274E0E3661
        Validity
            Not Before: Mar  5 17:47:07 2024 GMT
            Not After : Mar  4 17:52:07 2025 GMT
        Subject: CN=719556720FD749E91F1B2F81815F621CAF8F6EBB
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:98:af:38:f7:0d:9b:ff:d1:f1:bd:a1:f2:77:99:
                    b4:7f:9e:8f:47:af:e8:55:f1:a6:a7:21:cf:90:ee:
                    0f:bc:ce:e6:95:c2:74:96:b4:2a:11:f4:d4:b5:7c:
                    a4:b9:61:6d:c2:6d:cb:af:17:8c:e7:e8:e1:7e:3d:
                    fe:09:bc:b6:c8:e4:22:4b:29:e1:23:dc:42:e1:3c:
                    25:5d:4e:bc:15:38:7e:e3:1d:9c:32:ae:d0:5a:ba:
                    d9:f0:2f:f0:c2:ee:d7:5c:a4:08:c1:74:e3:90:42:
                    ca:3e:60:bd:22:4c:b3:5c:04:69:c6:98:47:c7:6e:
                    14:26:0e:e2:6a:0c:90:f7:a0:50:bc:95:ca:3b:9f:
                    b4:ee:5a:e3:92:60:16:85:ef:a2:3c:72:6a:e4:bf:
                    f8:b9:b3:08:a8:f3:30:37:f6:c5:f0:6b:7e:07:64:
                    c5:93:a7:a6:28:b6:20:2c:90:1a:90:4c:87:13:0d:
                    3b:7c:de:ee:12:89:b3:a5:5c:91:df:4a:7d:27:fa:
                    8a:0d:f2:cd:28:d1:1b:53:ee:be:89:8f:e9:08:f2:
                    82:40:d0:ef:50:cd:26:2c:66:47:d8:a7:c3:4a:c6:
                    bf:e8:c9:b6:46:43:26:98:aa:3c:d0:fe:88:93:0b:
                    a0:dd:60:d8:e2:a0:eb:de:09:f9:b7:1c:3d:48:43:
                    96:2b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                71:95:56:72:0F:D7:49:E9:1F:1B:2F:81:81:5F:62:1C:AF:8F:6E:BB
            X509v3 Authority Key Identifier:
                keyid:25:CD:6A:4F:BC:8B:EE:34:A2:DC:37:17:93:A0:9E:27:4E:0E:36:61

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/D952BACB6D27E48267036F7CBD6CC4ADEE60BA1D1CFF5EF59481A90BA2071DD7/0/25CD6A4FBC8BEE34A2DC371793A09E274E0E3661.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/25CD6A4FBC8BEE34A2DC371793A09E274E0E3661.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/D952BACB6D27E48267036F7CBD6CC4ADEE60BA1D1CFF5EF59481A90BA2071DD7/0/3230302e32392e33352e302f32342d3234203d3e2037343138.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  200.29.35.0/24

    Signature Algorithm: sha256WithRSAEncryption
         70:1b:34:70:e1:4c:1b:f6:0b:3f:60:01:76:e7:07:6b:24:ca:
         70:29:54:a1:70:7b:dc:24:5d:52:59:d8:00:5d:91:04:4e:b0:
         b4:2b:28:88:fd:9a:13:c2:0b:2c:fa:b2:85:6b:ed:af:2f:29:
         ab:ae:80:ab:37:94:2c:a7:26:b9:96:80:09:74:1a:2e:be:39:
         dd:7c:69:51:71:00:6f:fe:11:6f:11:11:c9:fa:c9:bd:77:17:
         f9:dc:72:09:49:28:00:f9:41:8f:2c:7d:40:1b:cc:ef:01:75:
         b8:4b:ab:98:22:bf:1b:59:0c:55:96:2e:79:67:ea:0c:d4:77:
         25:2a:19:20:96:75:24:eb:0b:a8:c8:ba:0d:44:74:3f:92:7f:
         85:6c:ae:04:e4:3b:81:f7:94:60:34:6a:11:3b:b5:b4:8e:a1:
         7c:35:ac:43:8b:28:55:f3:ce:83:cd:21:6a:7d:c3:79:63:d9:
         17:7c:a0:1c:9a:57:d5:73:a5:0c:4b:84:67:48:d9:9c:63:8c:
         6f:3e:de:c0:a6:a9:0f:5d:8d:a7:e0:70:f3:e3:1d:d3:38:be:
         01:06:bd:4f:4e:7a:96:1c:af:76:53:e6:2a:cf:1b:1f:3d:01:
         25:63:39:df:b6:6d:a1:70:0e:90:65:34:49:96:31:84:39:ce:
         c4:84:f2:91
-----BEGIN CERTIFICATE-----
MIIFujCCBKKgAwIBAgIUD4HFHjSjIuD1tOyTAAl8bMYWo88wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjVDRDZBNEZCQzhCRUUzNEEyREMzNzE3OTNBMDlFMjc0
RTBFMzY2MTAeFw0yNDAzMDUxNzQ3MDdaFw0yNTAzMDQxNzUyMDdaMDMxMTAvBgNV
BAMTKDcxOTU1NjcyMEZENzQ5RTkxRjFCMkY4MTgxNUY2MjFDQUY4RjZFQkIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCYrzj3DZv/0fG9ofJ3mbR/no9H
r+hV8aanIc+Q7g+8zuaVwnSWtCoR9NS1fKS5YW3CbcuvF4zn6OF+Pf4JvLbI5CJL
KeEj3ELhPCVdTrwVOH7jHZwyrtBautnwL/DC7tdcpAjBdOOQQso+YL0iTLNcBGnG
mEfHbhQmDuJqDJD3oFC8lco7n7TuWuOSYBaF76I8cmrkv/i5swio8zA39sXwa34H
ZMWTp6YotiAskBqQTIcTDTt83u4SibOlXJHfSn0n+ooN8s0o0RtT7r6Jj+kI8oJA
0O9QzSYsZkfYp8NKxr/oybZGQyaYqjzQ/oiTC6DdYNjioOveCfm3HD1IQ5YrAgMB
AAGjggLEMIICwDAdBgNVHQ4EFgQUcZVWcg/XSekfGy+BgV9iHK+PbrswHwYDVR0j
BBgwFoAUJc1qT7yL7jSi3DcXk6CeJ04ONmEwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy9EOTUyQkFDQjZEMjdFNDgyNjcwMzZGN0NCRDZDQzRBREVF
NjBCQTFEMUNGRjVFRjU5NDgxQTkwQkEyMDcxREQ3LzAvMjVDRDZBNEZCQzhCRUUz
NEEyREMzNzE3OTNBMDlFMjc0RTBFMzY2MS5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC8yNUNENkE0RkJDOEJFRTM0QTJE
QzM3MTc5M0EwOUUyNzRFMEUzNjYxLmNlcjCBwwYIKwYBBQUHAQsEgbYwgbMwgbAG
CCsGAQUFBzALhoGjcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvRDk1MkJBQ0I2RDI3RTQ4MjY3MDM2RjdDQkQ2Q0M0QURFRTYwQkExRDFD
RkY1RUY1OTQ4MUE5MEJBMjA3MURENy8wLzMyMzAzMDJlMzIzOTJlMzMzNTJlMzAy
ZjMyMzQyZDMyMzQyMDNkM2UyMDM3MzQzMTM4LnJvYTAYBgNVHSABAf8EDjAMMAoG
CCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAyB0jMA0GCSqG
SIb3DQEBCwUAA4IBAQBwGzRw4Uwb9gs/YAF25wdrJMpwKVShcHvcJF1SWdgAXZEE
TrC0KyiI/ZoTwgss+rKFa+2vLymrroCrN5Qspya5loAJdBouvjndfGlRcQBv/hFv
ERHJ+sm9dxf53HIJSSgA+UGPLH1AG8zvAXW4S6uYIr8bWQxVli55Z+oM1HclKhkg
lnUk6wuoyLoNRHQ/kn+FbK4E5DuB95RgNGoRO7W0jqF8NaxDiyhV886DzSFqfcN5
Y9kXfKAcmlfVc6UMS4RnSNmcY4xvPt7ApqkPXY2n4HDz4x3TOL4BBr1PTnqWHK92
U+YqzxsfPQElYznftm2hcA6QZTRJljGEOc7EhPKR
-----END CERTIFICATE-----
Generated at Thu Nov 21 09:07:25 2024 by rpki-client on console-ams.rpki-client.org